Lucene search
RedHatRHSA-2006:0393HistoryAug 10, 2006 - 12:00 a.m.
(RHSA-2006:0393) ntp security update
2006-08-1000:00:00
access.redhat.com
5
0.001 Low
EPSS
Percentile
30.4%
The Network Time Protocol (NTP) is used to synchronize a computer’s time
with a reference time source.
The NTP daemon (ntpd), when run with the -u option and using a string to
specify the group, uses the group ID of the user instead of the group,
which causes ntpd to run with different privileges than intended.
(CVE-2005-2496)
The following issues have also been addressed in this update:
- The init script had several problems
- The script executed on upgrade could fail
- The man page for ntpd indicated the wrong option for specifying a chroot
directory - The ntp daemon could crash with the message “Exiting: No more memory!”
- There is a new option for syncing the hardware clock after a successful
run of ntpdate
Users of ntp should upgrade to these updated packages, which resolve these
issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | s390 | ntp | < 4.2.0.a.20040617-4.EL4.1 | ntp-4.2.0.a.20040617-4.EL4.1.s390.rpm |
| RedHat | any | x86_64 | ntp | < 4.2.0.a.20040617-4.EL4.1 | ntp-4.2.0.a.20040617-4.EL4.1.x86_64.rpm |
| RedHat | any | ia64 | ntp | < 4.2.0.a.20040617-4.EL4.1 | ntp-4.2.0.a.20040617-4.EL4.1.ia64.rpm |
| RedHat | any | src | ntp | < 4.2.0.a.20040617-4.EL4.1 | ntp-4.2.0.a.20040617-4.EL4.1.src.rpm |
| RedHat | any | s390x | ntp | < 4.2.0.a.20040617-4.EL4.1 | ntp-4.2.0.a.20040617-4.EL4.1.s390x.rpm |
| RedHat | any | ppc | ntp | < 4.2.0.a.20040617-4.EL4.1 | ntp-4.2.0.a.20040617-4.EL4.1.ppc.rpm |
| RedHat | any | i386 | ntp | < 4.2.0.a.20040617-4.EL4.1 | ntp-4.2.0.a.20040617-4.EL4.1.i386.rpm |
Related
openvas
openvas
Debian: Security Advisory (DSA-801-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 801-1 (ntp)
2008-01-17 00:00:00
NTPd <= 4.2.0 Privilege Escalation Vulnerability
2021-07-07 00:00:00
cvelist
cvelist
CVE-2005-2496
2005-09-02 04:00:00
centos
centos
ntp security update
2006-08-24 00:24:36
ubuntucve
ubuntucve
CVE-2005-2496
2005-09-02 00:00:00
debian
debian
[SECURITY] [DSA 801-1] New ntp packages fix group id confusion
2005-09-05 09:58:35
[SECURITY] [DSA 801-1] New ntp packages fix group id confusion
2005-09-05 09:58:35
nessus
nessus
Debian DSA-801-1 : ntp - programming error
2005-09-06 00:00:00
Ubuntu 4.10 : ntp vulnerability (USN-175-1)
2006-01-15 00:00:00
debiancve
debiancve
CVE-2005-2496
2005-09-02 17:03:00
ubuntu
ubuntu
ntp server vulnerability
2005-09-02 00:00:00
cve
cve
CVE-2005-2496
2005-09-02 17:03:00
osv
osv
ntp - programming error
2005-09-05 00:00:00
nvd
nvd
CVE-2005-2496
2005-09-02 17:03:00